Bug 1376758
Opened 8 years ago
Closed 8 years ago
Clickjacking in Core Mozilla Product: Shield: qsurvey.mozilla.com
Categories
(Websites :: Other, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1329005
People
(Reporter: niputiwari, Assigned: tdowner)
Details
(Keywords: reporter-external, sec-moderate, wsec-crossdomain, Whiteboard: [reporter-external] [web-bounty-form] [verif?])
Attachments (1 file)
580.79 KB, application/pdf
Description
Vulnerability category: CWE-693 https://cwe.mitre.org/data/definitions/693.html
Nice read: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
POC
Step 1. Open https://qsurvey.mozilla.com/survey-software-features/salesforce/
Step 2. Craft a clickjack page:
<html>
<!-- Clickjack PoC: frames the target page from a third-party origin -->
<body>
<iframe src="https://qsurvey.mozilla.com/survey-software-features/salesforce/"
        width="75%" height="75%"></iframe>
</body>
</html>
Step 3. Open the specially crafted page and observe that the target page is loaded in the iframe.
Step 4. Within the page loaded in the iframe, click Services -> Programming Services. Observe that the user is directed to the Programming Services page, i.e. the clickjack attack is happening.
Flags: sec-bounty?
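The check below is an added example, not code from the bug report, from SurveyGizmo or from Mozilla. Given a response's headers, it decides whether the page may be framed by a given origin, following the browser rules for X-Frame-Options and for the CSP frame-ancestors directive (which takes precedence over X-Frame-Options in browsers that support it). The header sets, the attacker origin (attacker.example) and the Mozilla allow-list are constructed for illustration; the "unprotected" set mirrors the qsurvey response described in the report, which carried neither header.

```javascript
"use strict";
// Added example (not from the bug report or SurveyGizmo): decide whether an
// HTTP response may be framed by a given origin, from X-Frame-Options and the
// CSP frame-ancestors directive. All headers and origins are constructed.

function headerValue(headers, name) {
  const key = Object.keys(headers).find(k => k.toLowerCase() === name.toLowerCase());
  return key === undefined ? null : headers[key];
}

// Parts that CSP source matching looks at; port is "" on the scheme's default port.
function originParts(origin) {
  const u = new URL(origin);
  return { scheme: u.protocol.slice(0, -1), host: u.hostname.toLowerCase(), port: u.port };
}

function sameOrigin(a, b) {
  return a.scheme === b.scheme && a.host === b.host && a.port === b.port;
}

// Source list of frame-ancestors, or null when the directive is absent.
function frameAncestors(csp) {
  if (!csp) return null;
  for (const directive of csp.split(";")) {
    const tokens = directive.trim().split(/\s+/);
    if (tokens[0] && tokens[0].toLowerCase() === "frame-ancestors") {
      return tokens.slice(1).map(t => t.replace(/^'|'$/g, "").toLowerCase());
    }
  }
  return null;
}

// Source-expression matching for the subset frame-ancestors accepts: 'none',
// 'self', '*', scheme-source ("https:") and host-source ("https://*.example.com:8443").
// Paths in a host-source are ignored (simplification).
function sourceMatches(src, framer, page) {
  if (src === "none") return false;
  if (src === "*") return true;
  if (src === "self") return sameOrigin(framer, page);
  if (/^[a-z][a-z0-9+.-]*:$/.test(src)) return framer.scheme === src.slice(0, -1);
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^:\/]+)(?::(\d+|\*))?(?:\/.*)?$/.exec(src);
  if (!m) return false;
  const [, scheme, host, port] = m;
  if (scheme) {
    if (scheme !== framer.scheme) return false;
  } else if (framer.scheme !== page.scheme && !(page.scheme === "http" && framer.scheme === "https")) {
    return false; // no scheme given: the page's scheme, or an https upgrade of it, is implied
  }
  const framerPort = framer.port || { http: "80", https: "443" }[framer.scheme] || "";
  if (port === undefined) {
    if (framer.port !== "") return false; // no port in the source: only the default port matches
  } else if (port !== "*" && port !== framerPort) {
    return false;
  }
  if (host.startsWith("*.")) return framer.host.endsWith(host.slice(1));
  return host === framer.host;
}

// X-Frame-Options: DENY wins over SAMEORIGIN if both appear; ALLOW-FROM and any
// other value are ignored by current browsers, which is the same as no header.
function xfoPolicy(value, page) {
  const tokens = value.split(",").map(t => t.trim().toUpperCase());
  if (tokens.includes("DENY")) return () => false;
  if (tokens.includes("SAMEORIGIN")) return framer => sameOrigin(framer, page);
  return null;
}

// Returns { source: "csp" | "xfo" | null, allows(framerOrigin) }.
function framingPolicy(headers, pageOrigin) {
  const page = originParts(pageOrigin);
  const ancestors = frameAncestors(headerValue(headers, "content-security-policy"));
  if (ancestors !== null) {
    return { source: "csp", allows: f => ancestors.some(s => sourceMatches(s, originParts(f), page)) };
  }
  const xfo = headerValue(headers, "x-frame-options");
  const allows = xfo === null ? null : xfoPolicy(xfo, page);
  if (allows) return { source: "xfo", allows: f => allows(originParts(f)) };
  return { source: null, allows: () => true }; // nothing stops a clickjacking frame
}

function isFrameableBy(headers, pageOrigin, framerOrigin) {
  return framingPolicy(headers, pageOrigin).allows(framerOrigin);
}

// Constructed header sets; "unprotected" mirrors the qsurvey response in the report.
const SAMPLES = {
  unprotected: { "Content-Type": "text/html" },
  xfoDeny: { "X-Frame-Options": "DENY" },
  xfoSameOrigin: { "X-Frame-Options": "SAMEORIGIN" },
  cspNone: { "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'" },
  cspAllowList: { "X-Frame-Options": "DENY",
                  "Content-Security-Policy": "frame-ancestors 'self' https://*.mozilla.com" },
};
const PAGE = "https://qsurvey.mozilla.com";
const ATTACKER = "https://attacker.example";
for (const [name, headers] of Object.entries(SAMPLES)) {
  const policy = framingPolicy(headers, PAGE);
  console.log(`${name.padEnd(14)} policy=${policy.source ?? "none"} frameable by ${ATTACKER}: ${policy.allows(ATTACKER)}`);
}
```

Run it with node; the loop prints one line per header set. Note that cspAllowList carries X-Frame-Options: DENY and still permits framing from https://www.mozilla.com, because frame-ancestors governs once present, and that an ALLOW-FROM value leaves the page as exposed as the unprotected one.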
Comment 1•8 years ago
Yeah, distinct lack of an X-Frame-Options header :/
Updated•8 years ago
Assignee: nobody → tdowner
Flags: needinfo?(tdowner)
Flags: needinfo?(glind)
Comment 2•8 years ago
Surveygizmo is aware and has created a card to add support for x-frame-options, however they are treating it as a new feature and not a security issue. Hopefully they will add support soon.
Status: NEW → RESOLVED
Closed: 8 years ago
Flags: needinfo?(tdowner)
Resolution: --- → DUPLICATE
Updated•8 years ago
Flags: needinfo?(glind)
Comment 3•8 years ago
Thanks Tyler
Updated•6 years ago
Group: websites-security
Updated•1 year ago
Keywords: reporter-external